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(57) Abstract 

A messaee to be communicated over an unsecure communications link (16) is fragmented (26) into a plurality of packets (each of 
cerhapt vST ^"packets are then individually transmitted (20) over the unsecure communications link with an '^educed 
varyK S Smlyor Jeudo-randomly) selected inter-packet time interval (delay). Received packets are to— >«2£ 
reSate Se original message To provide enhanced security against eavesdropping, the packets are not only transmitted ™ namely 
Zner Ss) wTh me inter-packet time delay, but are also either routed (32) over different transm.ss.on paths (34) supported by the 
communications link or disoidered (30) in a random or pseudc-random manner prior to transmission. 
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DATA TRANSFER METHOD WITH VARYING 
PACKET TRANSMISSION TIME INTERVAL 
SECURITY PROTOCOL 



BACKGROUND OF THE INVENTION 
Tf . phnir.a1 Fiel d of thp Tnvftntion 

The present invention relates to a method and system for providing secure 
communications and, in particular, to a method and system for splitting a sensitive 
message to be communicated into plural packets (perhaps having variable lengths) and 
then transmitting the individual packets from a source to a destination with a selected 
varying time interval between successive packets. 

f> ff S rription of Related Art 

More and more frequently, users have a need to communicate sensitive 
information over unsecure communications links. Many sophisticated scrambling and 
encrypting techniques have been developed to support secure communications efforts 
in such environments. These sophisticated techniques are often times quite complex 
procedures. There may also be sizeable monetary expense associated with the 
implementation of these techniques. In many instances, such sophisticated techniques 
provide an "over-engineered" and too expensive solution to the concern of deterring 
eavesdropping. What is needed is a more suitable solution (from both a complexity 
and expense perspective) that provides some deterrence protection against third party 
eavesdropping on communications messages transmitted over unsecure 
communications links. 

SUMMARY OF THE INVENTION 

A message to be communicated over an unsecure communications link is 
fragmented into a plurality of packets. These individual packets may, if desired, have 
varying lengths. A transmitter module then individually transmits the packets over the 
unsecure communications link. The transmissions of the individual packets are made 
by the module in such a fashion as to introduce a varying (perhaps, randomly or 
pseudo-randomly) selected inter-packet time interval (delay) between successive 
packets. At a receiver module, the transmitted packets are received and reassembled 
to regenerate the original message. This protocol for non-timely transmission of the 
individual message packets serves to make it more difficult for an eavesdropper to 
capture all of the message packets and reconstruct the transmitted message. Enhanced 
security is provided by not only transmitting the packets in a non-timely manner, but 
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aJso by either sending the packets over different transmission paths supported by the 
communications link or disordering the packets in a random or pseudo random manner 
prior to transmission. 

BRIEF DESCRIPTION OF THE DRAWINGS 

A more complete understanding of the method and apparatus of the present 
invention may be acquired by reference to the following Detailed Description when 
taken in conjunction with the accompanying Drawings wherein: 

FIGURE 1 is a block diagram of a communications system implementing a 
security protocol in accordance with the present invention; and 

FIGURE 2 is a flow diagram illustrating a method of operation concerning the 
security protocol of the present invention. 

DETAILED DESCRIPTION OF THE DRAWINGS 

Reference is now made to FIGURE 1 wherein there is shown a block diagram 
of a communications system 10 implementing a security protocol in accordance with 
the present invention. The communications system 10 includes an origination node 
1 2 and a destination node 14 interconnected for communication by a communications 
link 16. The origination node 12 includes a source 18 for generating message traffic. 
The source 18 generated messages are then handled by a transmitter module 20 for 
transmission over the communications link 16 towards the destination node 14. A 
receiver module 22 in the destination node 14 receives the transmitted messages, and 
outputs the messages to a message sink 24. 

The transmitter module 20 includes a first functionality 26 for taking a 
message received from the source 18 and fragmenting the message into a plurality of 
individual packets. The fragmenting process may, if desired, generate individual 
packets of varying, rather than consistent, lengths. The transmitter module 20 then 
utilizes a second functionality 28 for transmitting the generated individual packets in 
a non-timely fashion. By "non-timely" it is meant that the individual packets are 
transmitted by the transmitter module 20 over the communications link 16 with a 
varying inter-packet time interval (delay) between successive packets in the source 
originated message. This introduced delay between packets may be of either a 
randomly or pseudo randomly selected duration. The introduced varying inter-packet 
time delay serves to enhance the security of packet transmission over the 
communications link 16 as a potential eavesdropper does not know when each of the 
successive packets comprising the complete message are to be transmitted. Delays 
may be selectively chosen (from packet to packet) in a variable range from as short as 
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a few milliseconds to as long as a few minutes. Even longer delays (on the order of 
hours or days) providing for even more secure message communication may be 
specified and implemented by the functionality 28 for use in situations where 
communication of the original message is not time-sensitive in nature. To provide for 
even more secure message communication, a third and a fourth functionality, 30 and 
32, respectively, are selectively implemented in conjunction with the non-timely 
transmission functionality 28. The third functionality 30 further introduces a random 
or pseudo random disordering of the message packets prior to non-timely transmission 
over the communications link 16. The fourth functionality 32 further introduces the 
transmission of the individual packets over different ones of a plurality of 
communications paths 34 supported by the communications link 16. In this regard, 
the paths 34 may comprise different logical or physical channels within the 
communications link 16. 

The receiver module 22 includes a message reassembly functionality 36 for 
receiving the non-timely transmitted packets (perhaps in either or both a disordered 
manner and/or from different paths 34), and then coordinating the reconstruction of 
the original message as generated by the source 18. The reconstructed message is then 
output by the functionality 36 to the sink 24 for further processing and handling. The 
functionality 36 includes appropriate memory (not shown) for temporarily caching 
received message packets prior to processing and completion of the message 
reconstruction action. 

In a specific implementation of the present invention, the system 10 comprises 
a telecommunications system, the origination node 12 sends a message on behalf of 
a user (such as a user mobile station), the destination node 14 comprises a network 
communications node (such as a mobile switching center or home location register), 
and the communications link 16 comprises a signaling network of the 
telecommunications system. In this implementation, the message being 
communicated in a fragmented, non-timely manner may comprises sensitive 
telecommunications information such as authentication data. The secure transmission 
protocol of the present invention accordingly provides a level of defense against the 
interception of this sensitive mobile station information and possible cloning of the 
mobile station. 

Reference is now made to FIGURE 2 wherein there is shown a flow diagram 
illustrating a method of operation concerning the security protocol of the present 
invention. In step 100, a message is originated for transmission. In step 102, that 
originated message is fragmenting into a plurality of individual packets. The 
fragmenting process of step 102 may, if desired, generate individual packets of 
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varying, rather than consistent, lengths. Next, in step 104, the generated individual 
packets are optionally disordered in either a random or a pseudo random manner. The 
generated individual packets are then transmitted in step 106 in a non-timely fashion 
such that there is introduced between the transmission of individual packets a 
randomly or pseudo randomly varying inter-packet time interval (delay). The non- 
timely transmission of step 106 may further involve selectively transmitting the 
individual packets over different ones of a plurality of communications paths (such as 
plural physical or logical channels). In step 108, the non-timely transmitted packets 
are received. Reassembly of the packets back into the original message occurs in step 
110. This step of reassembly in step 1 10 accounts not only for the introduced inter- 
packet time delay, but also for any optionally introduced variance in packet size, 
packet disordering or differences in transmission path. The regenerated message is 
then output in step 1 12. 

Although preferred embodiments of the method and apparatus of the present 
invention have been illustrated in the accompanying Drawings and described in the 
foregoing Detailed Description, it will be understood that the invention is not limited 
to the embodiments disclosed, but is capable of numerous rearrangements, 
modifications and substitutions without departing from the spirit of the invention as 
set forth and defined by the following claims. 
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WHAT IS CLAIMED IS: 

1 . A communications method, comprising the steps of: 

generating a message to be communicated; 

fragmenting the generated message into a plurality of message packets; 
transmitting each of the plurality of message packets comprising the message 
individually with a varying inter-packet transmission time interval; 
receiving the individually transmitted message packets; and 
reassembling the message from the received message packets. 

2. The method as in claim 1 wherein the varying inter-packet transmission 
time interval is randomly or pseudo randomly selected. 

3 The method as in claim 1 wherein the step of fragmenting comprises 
the step of fragmenting the message into a plurality of message packets having 
variable lengths. 

4. The method as in claim 1 further including the step of disordering the 
plurality of message packets prior to transmission. 

5 The method as in claim 4 wherein the step of disordering introduces a 
random or pseudo random shuffling of the message packets comprising the message. 

6 The method as in claim 1 wherein the step of transmitting further 
includes the step of transmitting the plurality of message packets over different ones 
of a plurality of communications paths. 

7. The method of claim 6 wherein the plurality of communications paths 
comprise plural physical channels. 

8. The method of claim 6 wherein the plurality of communications paths 
comprise plural logical channels. 

9. A communications system, comprising: 
a communications link; 

an origination node connected to the communications link and including 
functionality for fragmenting a message into a plurality of message packets and 
transmitting each of the plurality of message packets comprising the message 
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individually over the communications link with a varying inter-packet transmission 
time interval; and 

a destination node connected to the communications link and receiving the 
transmuted message packets, the destination node including functionality for 
reassembling the message from the received message packets. 

10. The system as in claim 9 wherein the functionality of the origination 
node mtroduces a randomly or pseudo randomly selected varying inter-packet 
transmission time interval. 

11. The system as in claim 9 wherein the functionality of the origination 
node fragments the message into a plurality of message packets having variable 
lengths. 



12. The system as in claim 9 wherein the functionality of the origination 
node further disorders the plurality of message packets prior to transmission. 

13. The system as in claim 12 wherein the disordering introduces a random 
or pseudo random shuffling of the message packets comprising the message. 

14. The system as in claim 9 wherein the functionality of the origination 
node for transmitting further transmits the plurality of message packets over different 
ones of a plurality of communications paths. 

15. The system of claim 14 wherein the plurality of communications paths 
comprise plural physical channels. 

16. The system of claim 14 wherein the plurality of communications paths 
comprise plural logical channels. 

17. The system as in claim 9 wherein the system comprises a mobile 
telecommunications system, the origination node transmits mobile station related 
sensitive information, the destination node comprises a network communications node 
and the communications link comprises a mobile telecommunications signaling 
network. 
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18. The system of claim 17 wherein the message contains mobile station 
authentication related information. 
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